all InfoSec news
HC3: Lazaraus Group malware targets health systems' ManageEngine vulnerabilities
Healthcare IT News - Privacy & Security www.healthcareitnews.com
The Lazaraus Group, which Cisco Talus reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States, evolved its MagicRAT malware and deployed the trojan within five days of the discovery of the vulnerability in ManageEngine products in January, the Health Sector Cybersecurity Coordination Center said.
WHY IT MATTERS
The Lazzarus Group can exploit the CVE-2022-47966 vulnerability – if the SAML single-sign-on is or ever has been enabled in the ManageEngine setup – and perform …
center cisco cybersecurity discovery entities europe hc3 health healthcare health sector infrastructure internet january magicrat malware manageengine products sector states systems targeting trojan united united states vulnerabilities vulnerability